DMail Security Fault Notice 5 June 2000.

If you cannot find an appropriate build for your operating system email support-dmail@netwinsite.com with details
and we will provide a build as soon as possible.

Tehnicial Details

The fault is such that root access can be gained primarily to linux hosts using a web
published exploit program.

If you are on Linux, then to find out whether your system has been attacked, do this:
grep "etrn" /usr/local/dmail/dwatch/*.ded
If that finds any lines dated within the last 3 days, it is likely that your system has been
attacked.

The fault could be exploited on other systems in future, so it is essential that you
upgrade, even if you are not running linux.

We applogize for this fault and we are not happy that it existed in the first place, but we
believe that the above versions will be immune to all similar attacks. However, we will be
investigating further in an attempt to find and remove any other possible exploits.